CISO’s – are your administrators trustworthy?

Who is an administrator?

Every computer has an administrator by default – this administrator is the one who enjoys privileges as (s)he is the only person with the authority to perform certain tasks. Tasks such as installing a software, configuring the operating systems, establishing security policies, maintaining and managing user account passwords and all other management tasks associated with keeping a computer up and running can only be exercised by an administrator. This essentially makes the administrator a person with unequivocal power. Just like we have heard in Spiderman – ‘With great power comes great responsibility’, even in a real-world professional setting, this adage is no alien. Administrators have unparalleled power and that means there is a great level of responsibility associated with them. However, imagine the plight if an administrator misuses his/her privileges to install a bogus software or modify the security policies or change permissions on the system.

Role of CISO in the administrator context

Now, the role of a CISO entails managing the risks to the confidentiality, integrity and availability of the organization’s intellectual property and information technology assets. Given the nature of an administrator’s function and the nature of cyber-attacks lurking around, the most important question for CISO’s now is if the administrators protecting these critical IT assets are trustworthy? The reason being that most of the attacks today are a cause of compromised administrator accounts. The most recent hack to have occurred is that of Equifax where personal identifiable information of over 145 million Americans was stolen as per reports. The main culprits for the hacks, however, have been identified as malicious insiders, accidental insiders and compromised accounts – as per reports. Linking this to the absolute authority and privileges that administrators enjoy, it is evident that hackers see the administrator accounts as the most effective way of hitting where it hurts.

Ways to eliminate administrator perceived security risks

Needless to say you must stay two steps ahead of cyber-attackers. Have you done a thorough background check of your administrators? Most of you might already have. So what else can be done to mitigate such a situation in the future? This is where information security solutions like Privileged Access Management (PAM) play an important role. These solutions are designed to ensure that a cyber security solution sits above in control of the administrators and not the other way around. Administrator access is completely managed and monitored through Privileged Access Management solutions and more so, administrator rights can be granted on a ‘need-to-know, need-to-do basis’. If you already have a PAM solution, you are on the right path – ensure that the solution is being audited and tested for vulnerabilities. It is a best practice to do so and to perform a thorough testing of the solution once every quarter. If you haven’t installed a PAM solution, right now is the time for you to consider prioritizing your privileged access security goals. Regulations have become stringent around this as well and it is better to act now than be sorry tomorrow.

Sectona provides the solution that can help you secure administrator access

Pranav Nair
Pranav drives the marketing initiatives for Sectona. Within a short span in his career, he has amassed a wealth of knowledge in the Privileged Access Management space. He is passionate about finding unique ways to educate and create awareness about cybersecurity. He has been in the information security industry since the past 2 years.